2058c50de5976c67a09dfa5e0e1c7eb5 | Triage

Sharing

General

Target

2058c50de5976c67a09dfa5e0e1c7eb5
Size

69KB
MD5

2058c50de5976c67a09dfa5e0e1c7eb5
SHA1

77382d77312b1e19761cb59f556b7d78f6217062
SHA256

ea5d007d598e36703c252d48e02d8a1af779b6778a41df23199f41001ade8891
SHA512

d54f10358248f6444ba06142fd86c5d4aa135cde3473eb4a6639c92c9e421e236e5758c8e35c96b059345833792f55ce9b32c2b980bdbffe7e12bcae1268a18d
SSDEEP

1536:KBtmsWLDKY2sqr5kbe9hgG08ZF8otV1B8n:A1kqr5kShPvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2058c50de5976c67a09dfa5e0e1c7eb5

Files

2058c50de5976c67a09dfa5e0e1c7eb5
.exe windows:4 windows x86 arch:x86

86aa0f3c131669b640f875a173e50af7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
TlsAlloc
SetVolumeMountPointA
QueryPerformanceFrequency
AddConsoleAliasA
SetTimerQueueTimer
DisconnectNamedPipe
GetMailslotInfo
FlushViewOfFile
VirtualFree
TlsFree
CreateDirectoryExA
GlobalFindAtomA
ReadConsoleA
UpdateResourceA
FreeResource
GetCommandLineA
ExitProcess
GetStartupInfoA
SetHandleCount
GetComputerNameExA
Toolhelp32ReadProcessMemory
GetConsoleCommandHistoryA
GetProcessShutdownParameters
GetCurrentDirectoryA
IsDebuggerPresent
RegisterConsoleIME
LocalFlags
GetConsoleCommandHistoryLengthA
InitializeCriticalSection

Sections

ATSEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

ATSEC1
Size: - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ATSEC2
Size: 45KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ